[squid-users] Looking for ideas on how to use squid in order to protect against a DOS\DDOS.
eliezer at ngtech.co.il
Tue Dec 1 16:45:00 UTC 2015
On 01/12/2015 18:23, joe wrote:
> put your server behind mikrotik
> mikrotik has advance firewall and use tarpit instead of drop
> tarpit it freeze the attacker then drop his connection so making his attack
> dig in mikrotik forum you find lots of working sample depend on Ddos attack
I will look into it.
I am using a Linux based router in many places so I can use a black-hole
route which is faster then itpables.
But I have had couple cases in the past so I have used two methods.
For a DoS I redirected the traffic towards a block page while for a DDoS
I have used black-hope route for an AS or even more.
More information about the squid-users